Skip to the content

CESG calls for Secure by Default partners


Government’s information assurance authority offers financial and expertise incentives to test new security technologies

Government information assurance organisation CESG has put out a call for public sector organisations to join trials of new technologies to support information assurance under its Secure by Default Partnership Programme.

It has said the offer is open to any organisation that handles information classified as Official, including central government departments, local authorities, healthcare trusts and law enforcement agencies.

The offer extends to sub-teams that could provide a good case study, and is accompanied by a trio of incentives: advice and guidance on accreditation from a CESG team; the services of a nominated CESG technical expert to answer questions about technologies and provide on-site technical support; and £25,000 to spend on equipment, infrastructure, software licences and support costs.

“We think this is a great opportunity to get new technologies into the hands of your users. Our primary criteria is that regardless of the size or function of your organisation you would make a great case study for other organisations to follow,” said a statement from CESG.

The Secure by Default Partnership Programme involves testing technologies that are already used in the commercial sector to deal with shortcomings in the use of passwords as a means of authentication.

Windows 10 focus

The first round of trials will focus on user-friendly authentication running on Windows 10, with components including lightweight end-user devices, BitLocker encryption, Windows Hello for device unlock and log-on, and the use of Microsoft Passport for Work.

CESG said it wants to encourage the adoption of the technologies in the public sector and hopes that case studies from the trials will speed up the process. The trials will be focused on dealing with existing problems and “pain points” public sector users are experiencing with IT.

They are also designed to respond to three risk related questions that CESG said it is frequently asked: ‘Who else is doing this?’; ‘Will it affect my accreditation?’; and ‘Can I connect this technology to the Public Services Network?’

It wants applicants to provide evidence of working with its architectures and previously being involved in technology trials. It also wants to look at how the process could change the organisation’s operations and whether it could begin to integrate the technology quite quickly.

Picture from CESG, Open Government Licence

Register For Alerts

Keep informed - Get the latest news about the use of technology, digital & data for the public good in your inbox from UKAuthority.